1 package net.sourceforge.heracles.heracleshttpclient.web;
2
3 import java.util.ArrayList;
4 import java.util.Collection;
5 import java.util.Iterator;
6
7 import javax.faces.application.FacesMessage;
8 import javax.faces.context.FacesContext;
9 import javax.faces.event.ActionEvent;
10 import javax.faces.model.SelectItem;
11 import javax.servlet.http.HttpServletRequest;
12 import javax.servlet.http.HttpSession;
13
14 import net.sourceforge.heracles.acegi.HeraclesUserDetails;
15 import net.sourceforge.heracles.heracleshttpclient.service.Service;
16 import net.sourceforge.heracles.model.LdapGroup;
17 import net.sourceforge.heracles.model.LdapUser;
18
19 import org.acegisecurity.Authentication;
20 import org.acegisecurity.AuthenticationException;
21 import org.acegisecurity.AuthenticationManager;
22 import org.acegisecurity.context.HttpSessionContextIntegrationFilter;
23 import org.acegisecurity.context.SecurityContext;
24 import org.acegisecurity.context.SecurityContextHolder;
25 import org.acegisecurity.providers.UsernamePasswordAuthenticationToken;
26 import org.acegisecurity.ui.WebAuthenticationDetails;
27 import org.acegisecurity.ui.webapp.AuthenticationProcessingFilter;
28 import org.apache.log4j.Logger;
29
30
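/**
 * JSF backing bean that logs a user in and out of Heracles through Acegi Security.
 * <p>
 * {@link #authenticate()} builds a {@code user@DOMAIN} principal from the submitted form
 * fields, passes it to the injected {@link AuthenticationManager}, stores the resulting
 * {@link SecurityContext} in the HTTP session and derives the navigation outcome from the
 * LDAP groups of the authenticated user. {@link #logout(ActionEvent)} ends the session.
 * <p>
 * Title: AcegiController.java<br>
 * Java Version: JDK 1.5<br>
 *
 * @author Philipp Gantert
 * @version 1.0
 */
public class AcegiController {
    /** Session attribute holding the authenticated {@link LdapUser}. */
    private static final String ATTR_LDAP_USER = "ldapUser";

    /** Session attribute set to {@code true} for members of the admin group. */
    private static final String ATTR_ADMIN = "heracles_admin";

    /** Session attribute set to {@code true} once a user of an accepted group is logged in. */
    private static final String ATTR_LOGOFF = "logoff";

    /** Session attribute holding the "; "-separated group names of the user. */
    private static final String ATTR_GROUPS = "groups";

    private static final String GROUP_ADMIN = "heracles_admin";

    private static final String GROUP_STAFF = "heracles_mitarbeiter";

    private final Logger logger = Logger.getLogger(getClass());

    private String username;

    // Held only as long as the bean lives; never written to logs or to the session.
    private String password;

    private String domaine;

    private String group;

    private Collection<SelectItem> choose;

    private Service service;

    private AuthenticationManager authenticationManager;

    public AcegiController() {
        logger.setAdditivity(false);
    }

    public void setService(Service service) {
        this.service = service;
        logger.debug("Service initialisiert");
    }

    public void setAuthenticationManager(AuthenticationManager authenticationManager) {
        this.authenticationManager = authenticationManager;
        logger.debug("authenticationManager initialisiert");
    }

    public AuthenticationManager getAuthenticationManager() {
        return authenticationManager;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getDomaine() {
        return domaine;
    }

    public void setDomaine(String domaine) {
        this.domaine = domaine;
    }

    public String getGroup() {
        return group;
    }

    public void setGroup(String group) {
        this.group = group;
    }

    /**
     * Returns the domains offered on the login form.
     * The list is rebuilt on every call, so a value passed to {@link #setChoose(Collection)}
     * is replaced the next time this getter runs.
     *
     * @return a fresh collection with one {@link SelectItem} per selectable domain
     */
    public Collection<SelectItem> getChoose() {
        logger.debug("Auswahlliste holen");
        choose = new ArrayList<SelectItem>();
        choose.add(new SelectItem("hft-so.bbz-sg.lan"));
        choose.add(new SelectItem("bbz-sg.lan"));
        return choose;
    }

    public void setChoose(Collection<SelectItem> choose) {
        this.choose = choose;
    }

    /**
     * Ends the current login: invalidates the HTTP session, if there is one, and clears the
     * Acegi security context bound to the current thread.
     *
     * @param ereignis the JSF action event that triggered the logout
     */
    public void logout(ActionEvent ereignis) {
        logger.debug("Id der UIComponent: " + ereignis.getComponent().getId());

        // getSession(false) returns null when no session exists (e.g. it already timed out).
        HttpSession session = (HttpSession) getFacesContext().getExternalContext().getSession(false);
        if (session != null) {
            session.invalidate();
        }
        // Drop the authentication held for this request as well, so that it is not left
        // behind in the thread-bound holder once the session is gone.
        SecurityContextHolder.clearContext();
    }

    /**
     * Authenticates the submitted credentials and prepares the session for the user.
     * <p>
     * Outcomes: {@code "success"} when the user is authenticated and belongs to
     * {@code heracles_admin} or {@code heracles_mitarbeiter}; {@code "error"} when the user
     * is authenticated but belongs to neither group; {@code "failure"} when a form field is
     * missing or the authentication manager rejects the credentials (the rejection message
     * is added as a {@link FacesMessage}).
     *
     * @return the JSF navigation outcome
     * @throws Exception declared for callers; authentication failures are handled here
     */
    public String authenticate() throws Exception {
        logger.setAdditivity(false);
        String outcome = "failure";

        HttpServletRequest request = (HttpServletRequest) getFacesContext().getExternalContext().getRequest();

        // NOTE(review): the session that existed before login is reused and its id is not
        // renewed here. Confirm that a filter or the container rotates the session id on
        // successful login; otherwise an id known before login stays valid afterwards.
        HttpSession session = request.getSession();

        if (getUsername() == null || getPassword() == null || getDomaine() == null) {
            logger.debug("Incomplete login form submitted");
            return outcome;
        }

        // Fixed locale: upper-casing must not depend on the server's default locale.
        String userName = getUsername() + "@" + getDomaine().toUpperCase(java.util.Locale.ENGLISH);

        try {
            // Only the principal is logged; the password must never reach a log file.
            logger.debug("Authentication attempt for " + sanitizeForLog(userName));
            UsernamePasswordAuthenticationToken authReq =
                    new UsernamePasswordAuthenticationToken(userName, getPassword());

            authReq.setDetails(new WebAuthenticationDetails(request));

            session.setAttribute(AuthenticationProcessingFilter.ACEGI_SECURITY_LAST_USERNAME_KEY, userName);
            logger.debug("Attribut gesetzt!!!");

            Authentication auth = getAuthenticationManager().authenticate(authReq);
            logger.debug(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY);
            SecurityContext secCtx = SecurityContextHolder.getContext();
            logger.debug(secCtx.toString());
            secCtx.setAuthentication(auth);

            HeraclesUserDetails userDetails = (HeraclesUserDetails) auth.getPrincipal();
            LdapUser ldapUser = userDetails.getLdapUser();
            // Parenthesised: without it the comparison was applied to the concatenated string.
            logger.debug("LdapUser is null? " + (ldapUser == null));

            // NOTE(review): the security context is stored before the group check, so a user
            // who belongs to neither accepted group is still authenticated in this session.
            // Confirm that URL/method authorization elsewhere denies such users.
            logger.debug("placing SecurityContext from holder into session");
            session.setAttribute(HttpSessionContextIntegrationFilter.ACEGI_SECURITY_CONTEXT_KEY, secCtx);

            // Remove flags left by an earlier login in the same session, so that a previous
            // admin login cannot leave "heracles_admin" set for the user logging in now.
            session.removeAttribute(ATTR_LDAP_USER);
            session.removeAttribute(ATTR_ADMIN);
            session.removeAttribute(ATTR_LOGOFF);

            StringBuilder groupNames = new StringBuilder();
            outcome = "error";

            Collection<?> groups = (ldapUser == null) ? null : ldapUser.getLdapGroups();
            if (groups != null) {
                for (Iterator<?> iter = groups.iterator(); iter.hasNext();) {
                    LdapGroup ldapGroup = (LdapGroup) iter.next();
                    String groupName = ldapGroup.getName();
                    groupNames.append(groupName);
                    groupNames.append("; ");
                    if (GROUP_ADMIN.equals(groupName)) {
                        logger.debug("HERACLES_ADMIN set to group attribute");
                        session.setAttribute(ATTR_LDAP_USER, ldapUser);
                        session.setAttribute(ATTR_ADMIN, true);
                        session.setAttribute(ATTR_LOGOFF, true);
                        outcome = "success";
                    }
                    if (GROUP_STAFF.equals(groupName)) {
                        logger.debug("HERACLES_MITARBEITER set to group attribute");
                        session.setAttribute(ATTR_LDAP_USER, ldapUser);
                        session.setAttribute(ATTR_LOGOFF, true);
                        outcome = "success";
                    }
                }
            }
            session.setAttribute(ATTR_GROUPS, groupNames.toString());

        } catch (AuthenticationException e) {
            logger.debug(e.toString());
            // NOTE(review): the provider's message is shown to the user verbatim; confirm it
            // does not tell an unknown account apart from a wrong password.
            getFacesContext().addMessage(null, new FacesMessage(e.getMessage()));
        }
        return outcome;
    }

    /**
     * Replaces line breaks in a user-supplied value so that it cannot start a new,
     * forged entry in the log file.
     */
    private static String sanitizeForLog(String value) {
        return value.replace('\r', '_').replace('\n', '_');
    }

    private FacesContext getFacesContext() {
        return FacesContext.getCurrentInstance();
    }
}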